This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json) Hash identifier: zlge6PV9sex75k7GjKYIISwgvahcBUK/kqgPH9+xG3A= Subject key identifier: 79:21:DC:74:A1:BA:83:54:0C:0E:3D:B2:AC:7B:5C:19:8B:96:10:A5 Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Certificate serial: 0A8DC2493DA94068923C559361B45794BCD7CE3C Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa Signing time: Wed 10 Dec 2025 06:30:13 +0000 ROA not before: Wed 10 Dec 2025 06:30:13 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 57.95.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 19:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:8d:c2:49:3d:a9:40:68:92:3c:55:93:61:b4:57:94:bc:d7:ce:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf Validity Not Before: Dec 10 06:30:13 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=e5c9e933f86b536747b64dca4969ad319dd17160df5ee96b230fec81cefaa2a1, CN=c336411a-6651-4f13-8ef9-de681c7c9444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:56:56:56:a5:c1:61:63:f6:cb:4d:ba:ed:39: a0:c9:4f:0c:34:2e:90:11:79:82:51:67:50:c6:8b: 92:97:6d:9d:d0:bb:4d:53:84:91:5b:d0:10:02:c8: 71:cc:aa:22:77:af:88:41:b6:c0:b6:f3:65:1d:cb: 73:77:9a:c1:30:54:ff:53:0b:ec:4b:de:a1:ec:1d: fc:c5:43:ea:d3:79:cb:6c:89:20:1e:0a:bd:3d:1d: a3:cd:ff:74:42:c9:6b:21:f0:ad:eb:22:a6:5e:c1: 04:26:d5:43:ff:5c:5b:ab:74:7e:a2:91:9a:9b:b6: 42:16:9b:6a:20:3b:dd:5c:59:9c:1d:99:d0:9c:02: 96:bb:f0:6f:db:dd:0d:08:52:67:df:bd:b0:6e:67: 13:b8:ce:12:dc:b0:87:e2:67:b1:9e:ca:c5:b9:7e: c2:da:f5:e2:b8:fe:9c:89:fc:4d:7d:fa:a0:ee:d9: 4d:4b:e3:ce:f8:95:28:01:79:b0:b5:2a:9e:d8:a2: 51:10:e9:99:7b:56:c1:18:0b:3a:45:a2:20:42:98: 6d:f6:05:19:ce:09:98:42:ed:2e:6e:b5:a1:f1:4a: dc:bf:5b:d3:ef:35:62:3b:e3:6c:7a:51:b9:b2:b1: e1:67:71:1e:40:8b:cf:6e:40:f1:33:b2:2c:95:67: 01:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:21:DC:74:A1:BA:83:54:0C:0E:3D:B2:AC:7B:5C:19:8B:96:10:A5 X509v3 Authority Key Identifier: keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 57.95.0.0/16 Signature Algorithm: sha256WithRSAEncryption 64:3e:bb:e4:fc:4e:ed:08:9f:ea:9b:15:dc:af:c5:fe:8e:bd: 1e:4f:bf:d4:0e:76:ce:ed:18:58:0d:f6:db:be:09:fe:6c:bc: 75:d6:0d:d9:70:50:98:5f:4e:5f:97:e5:39:08:66:a2:c8:b3: 1d:b6:6b:65:57:e6:22:4e:d5:f1:e2:96:e9:04:b0:30:df:ab: 3d:e1:a8:a0:1a:48:e6:eb:35:4f:9a:98:48:93:bf:ec:ea:61: f7:af:d1:01:14:96:1b:ee:55:5e:71:46:66:d2:72:a2:70:b4: 76:6a:4a:90:ea:76:01:55:6a:eb:5c:55:1d:73:5e:40:a6:82: ab:4b:ef:f1:77:8b:2d:57:bd:1e:23:46:cf:c9:56:5d:87:e4: 96:34:8b:f5:4c:c2:eb:bd:77:d9:33:a7:07:c2:a2:f1:e6:9c: 4c:55:13:34:db:af:f1:60:f7:32:b8:fc:c8:38:ad:fe:5b:1e: 5b:7d:0f:16:97:42:d8:43:e2:fe:78:5e:96:c8:0b:36:c8:da: 38:84:1e:56:79:4f:70:b5:60:cf:f6:f1:a5:4d:3a:07:d9:99: dc:58:f1:7e:95:38:08:58:93:d2:5c:65:a5:8d:2c:3b:d6:c1: 8e:a8:84:27:77:0e:3b:23:04:62:1e:aa:14:94:c3:21:d9:58: 1d:99:dc:c0 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgIUCo3CST2pQGiSPFWTYbRXlLzXzjwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw ZTVjODdjZjAeFw0yNTEyMTAwNjMwMTNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQGU1YzllOTMzZjg2YjUzNjc0N2I2NGRjYTQ5NjlhZDMxOWRkMTcxNjBkZjVl ZTk2YjIzMGZlYzgxY2VmYWEyYTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK1WVlalwWFj9stNuu05oMlPDDQukBF5glFnUMaLkpdtndC7TVOEkVvQEALI ccyqIneviEG2wLbzZR3Lc3eawTBU/1ML7Eveoewd/MVD6tN5y2yJIB4KvT0do83/ dELJayHwresipl7BBCbVQ/9cW6t0fqKRmpu2QhabaiA73VxZnB2Z0JwClrvwb9vd DQhSZ9+9sG5nE7jOEtywh+JnsZ7Kxbl+wtr14rj+nIn8TX36oO7ZTUvjzviVKAF5 sLUqntiiURDpmXtWwRgLOkWiIEKYbfYFGc4JmELtLm61ofFK3L9b0+81YjvjbHpR ubKx4WdxHkCLz25A8TOyLJVnAbMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR5Idx0 obqDVAwOPbKse1wZi5YQpTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G CSqGSIb3DQEBCwUAA4IBAQBkPrvk/E7tCJ/qmxXcr8X+jr0eT7/UDnbO7RhYDfbb vgn+bLx11g3ZcFCYX05fl+U5CGaiyLMdtmtlV+YiTtXx4pbpBLAw36s94aigGkjm 6zVPmphIk7/s6mH3r9EBFJYb7lVecUZm0nKicLR2akqQ6nYBVWrrXFUdc15ApoKr S+/xd4stV70eI0bPyVZdh+SWNIv1TMLrvXfZM6cHwqLx5pxMVRM026/xYPcyuPzI OK3+Wx5bfQ8Wl0LYQ+L+eF6WyAs2yNo4hB5WeU9wtWDP9vGlTToH2ZncWPF+lTgI WJPSXGWljSw71sGOqIQndw47IwRiHqoUlMMh2VgdmdzA -----END CERTIFICATE-----Generated at Thu Dec 18 04:15:48 2025 by rpki-client